You've done everything you can to logically secure your systems, along with layering in user education and providing physical security. However, the only way to know if your defenses will hold is to test them. This course looks at one of the most important skills of any IT security professional: penetration testing. A key competency for the Certified Ethical Hacker exam, penetration testing is the process to check if a computer, system, network, or web application has any vulnerabilities. Cybersecurity expert Lisa Bock reviews the steps involved in performing a worthwhile penetration test, including auditing systems, listing and prioritizing vulnerabilities, and mapping out attack points a hacker might target. She also defines the various types of "pen" tests-such as black, grey, and white box; announced vs. unannounced; and automated vs. manual testing-and the techniques and blueprints a pen tester should use to test everything from Wi-Fi to VoIP. Finally, she discusses how to choose and work with an outsourced pen-testing organization, which can bring a valuable outsider's perspective to your IT security efforts.
* Auditing security mechanisms * Locating vulnerabilities * Exploring types of penetration testing * Pen testing techniques * Following a pen-testing blueprint * Testing physical, wireless, website, database, and email security * Outsourcing penetration testing